<html>
<body>

<?php

$lon = $_GET["lon"];
$lat = $_GET["lat"];
$userName = $_GET["name"];
$userStatus = $_GET["status"];
$id=$_GET["id"];
$action=$_GET["action"];

if (empty($userStatus)){
  $userStatus = "Running...";
} 
// Include the configuration and function files we created
require '../config.php';
 
// Establish a MySQL connection and select our database using values contained in config.php.
$mysqli = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);


if ($mysqli->connect_errno) {
    printf("Connect failed: %s\n", $mysqli->connect_error);
    exit();
}

if (!empty($lon) && !empty($lat) && !empty($id)){
  
  if (is_numeric($lon) && is_numeric($lat)){
    if ($action == "create"){
       $insert = "insert into crombtracker (name,userstatus,longitude,latitude,id) value ('".$userName."','".str_replace("'","''",$userStatus)."',".$lon.",".$lat.",'".$id."')";
       echo $insert;
       mysqli_query($mysqli ,$insert);
        
    } if ($action == "delete"){
       $delete = "delete from crombtracker where id='".$id."'";
       echo $delete;
       mysqli_query($mysqli ,$delete);
    }else {
      $update = "update crombtracker set longitude=".$lon.", latitude=".$lat.",name='".str_replace("'","''",$userName)."', userstatus='".str_replace("'","''",$userStatus)."',lastupdate=NOW() where id='".$id."'"; 
      echo $update;
      mysqli_query($mysqli ,$update);
    }
  }
}
// cleanup old tracks from other gamers...
$delete = "delete from crombtracker where lastupdate < TIMESTAMPADD(HOUR,-1,NOW())"; 
mysqli_query($mysqli ,$delete);

$mysqli->close();

?>
</body>
</html>